[00:00.000 --> 00:05.400]  in the lab. We're going to be covering everything from kind of the basic level to the advanced level.
[00:05.520 --> 00:11.620]  When this thing's all with, I'm going to be jumping on IoT Village Discord, where you'll
[00:11.620 --> 00:16.920]  be able to ask me more questions. I also, everything we're going to talk about to show today,
[00:16.920 --> 00:21.800]  I actually have a price list. It's kind of an Amazon type price list, showing a lot of, well,
[00:21.800 --> 00:26.060]  not just Amazon, but various places that you can buy this stuff. That'll give you an idea. Of
[00:26.060 --> 00:29.540]  course, if you shop around, you'll be able to get some of this stuff cheaper.
[00:30.000 --> 00:35.940]  So, let's go ahead and talk about what our agenda is today. So, we've broken this up into
[00:36.640 --> 00:42.480]  a number of categories. Disassembling, assembly of hardware tools for taking things apart.
[00:43.200 --> 00:48.960]  Soldering, desoldering equipment. Magnification, which may come in handy. If you have that perfect
[00:48.960 --> 00:54.620]  eyesight, more power to you. But for some of us that may not have great eyesight or getting a
[00:54.620 --> 01:02.360]  little older, magnification plays a big role into how we can actually see things and do soldering
[01:02.360 --> 01:08.500]  at surface mount level type technology. We're going to be looking at monitoring devices and
[01:08.500 --> 01:14.400]  technology. Debugging tools. And then I'm going to cover probably one of the most important ones.
[01:14.400 --> 01:20.860]  It's the odds and ends. The pieces and the parts that make your life way much easier in a lab.
[01:20.860 --> 01:26.920]  And often the pieces and parts build within your lab as you kind of work through the various
[01:26.920 --> 01:32.760]  aspects of testing things. You go, hey, if I bought this little item here, this header, this plug,
[01:32.760 --> 01:37.820]  this switch, it would make my life easier. So, you start building up a good ensemble of those
[01:37.820 --> 01:41.900]  type of techs. We're going to be talking about those at the end also, which I think is very
[01:41.900 --> 01:50.340]  important. But let's go ahead and jump out over to a screen and let's go ahead and get a camera
[01:50.340 --> 01:58.920]  going in here and see how this works. Oh, that's kind of interesting. Control. There we go. That's
[01:58.920 --> 02:06.820]  much better. So, let me get out of the way of the camera so you all can see me. So, again,
[02:06.820 --> 02:13.780]  this is kind of my lab. And we wanted to start off with looking at tools to take things apart.
[02:14.020 --> 02:20.800]  To start with, a screwdriver set. These things are critical. And I would recommend,
[02:20.800 --> 02:28.060]  I had a previous screwdriver set, if I can get it apart, that did not have a box for it. And one
[02:28.060 --> 02:32.260]  of the things I found out is they're literally laying all over the place because I never had
[02:32.260 --> 02:38.420]  one good place to put them. Or they ended up in a bag somewhere and all disjointed. So, get
[02:38.420 --> 02:44.880]  something you can pop them in and out and it holds them real well. This has straight slots,
[02:44.880 --> 02:51.080]  Phillips. The other thing you want to consider is star tips. There's a number of small IoT devices
[02:51.080 --> 02:56.060]  when you go to take them apart will have the star pattern tips. So, you want to take that
[02:56.060 --> 03:02.920]  into consideration as a big component when you're doing this. And then you can get some other small
[03:02.920 --> 03:09.720]  toolkits. This is one I had sitting in my thing over here. And I didn't even know I had it. So,
[03:09.720 --> 03:18.680]  it's a good breakout with some basic sockets, needle nose, some of these different heads, stars,
[03:18.680 --> 03:24.420]  Phillips, straight slots, a little bigger size than the small ones that may come in handy.
[03:25.180 --> 03:28.020]  And then also, when you start thinking about it, kind of wrenches
[03:29.040 --> 03:34.620]  and different things like this, a set of cutters is always good. So, you want to have a good
[03:34.620 --> 03:39.300]  assortment of these. And every once in a while, I have a tendency to lose these things. So, I end
[03:39.300 --> 03:48.720]  up buying more sets of them over time. Also, something to consider is a pair of good cutters.
[03:48.960 --> 03:55.240]  Now, I've had wire cutters before, small ones like this. But I like these because the tips are way
[03:55.240 --> 04:02.040]  much thicker. These things are actually great. And they come in handy for not only cutting wire.
[04:02.040 --> 04:11.040]  But here's an example of a bracelet type thing, a tracker, that was hermetically sealed.
[04:11.040 --> 04:15.920]  This came in really handy for cutting through some of the plastic. Very durable. I've used
[04:15.920 --> 04:20.820]  this for removing shielding that are over components where I need to get access to
[04:20.820 --> 04:25.500]  shielding. So, having something that can cut through metal and plastic and durable,
[04:25.500 --> 04:30.380]  and the tip on this doesn't chip up. So, having something like that is pretty critical.
[04:30.380 --> 04:37.700]  The other thing you want to consider is spudges. So, what's a spudge? So, this one I managed to
[04:37.700 --> 04:43.120]  lose half the stuff that's in it. But this one has little fiberglass spudges in it. And these
[04:43.120 --> 04:50.220]  are pry tools that you can use for prying things open. These are all fiberglass. Several of them
[04:50.220 --> 04:54.960]  are kind of mangled because they've been beat up pretty heavy. I also have some small metal
[04:54.960 --> 05:02.880]  thin spudges in here and some ones that look like kind of the tip of guitar picks. Those come in
[05:02.880 --> 05:08.280]  handy for popping open plastic cases. And I also bought a kit, and this one's been really handy,
[05:08.280 --> 05:14.020]  that is basically metal ones. So, you have to be careful with these because they can like seriously
[05:14.020 --> 05:19.140]  hurt you if you're not careful or do some damage to the equipment. But these come in really handy
[05:19.140 --> 05:26.460]  for opening certain cases, removing certain plugs or connectors or things like that. So,
[05:26.460 --> 05:33.720]  having a good set of spudges is pretty good. Most of these are fairly inexpensive, $8, $9, $10.
[05:34.000 --> 05:38.860]  You can often get a set of these. I've seen some much bigger, nicer sets that run in the $20,
[05:38.860 --> 05:43.780]  $30 range. But always good to have a set of these. It'll make it very important
[05:43.780 --> 05:50.420]  when you're actually opening stuff up. Now, the ultimate tool,
[05:51.200 --> 05:56.800]  what happens when you end up with a case where you can't easily clip it open? You can't easily
[05:57.500 --> 06:03.780]  spudge it open. There's no screws in it. It is like thick. I've had cases that were actually
[06:03.780 --> 06:10.860]  eighth inch to three-eighths inch thick casing that were waterproof. What do you do? So,
[06:10.860 --> 06:17.980]  in those cases, what I like to do is a good old-fashioned Dremel tool.
[06:18.520 --> 06:23.200]  Now, you can get these in various prices. This one's probably the last one I got,
[06:23.200 --> 06:29.660]  which is reasonably new. My last one was cheaper. I think I paid like $35 for it like a decade ago.
[06:29.660 --> 06:34.840]  I finally burnt it up and had to go out and buy another one. And since I obviously make more
[06:34.840 --> 06:41.720]  money now, I went ahead and bought a better Dremel tool. So, if you were actually at the RSA
[06:41.720 --> 06:46.540]  event when we were working in the IoT village, we had a lot of light bulb type tech that we were
[06:46.540 --> 06:51.820]  playing with. And this is what I used to cut those good old-fashioned light bulbs apart
[06:52.520 --> 07:01.520]  that contained IoT-based technology in those. So, that's kind of the general hardware type stuff.
[07:01.520 --> 07:07.260]  The next thing we want to get to, and this is the price list that we want to get to before we
[07:07.260 --> 07:12.840]  jump into some other area or start asking questions, I want to talk about some of the
[07:12.840 --> 07:20.440]  soldering type tools or equipment. So, there's a number of solutions you can do from a soldering
[07:20.440 --> 07:27.840]  perspective. You can buy soldering irons in all kinds of different prices. Years ago, I used to
[07:27.840 --> 07:36.000]  like three or four soldering irons. So, they were all fixed heat levels or fixed wattage. I think I
[07:36.000 --> 07:41.340]  had one that was 25. I had one that was 45. I had one that was like 75. And I think I had one that
[07:41.340 --> 07:48.120]  would clear up to 100. Those worked for me back then. But as, you know, technology advanced,
[07:48.120 --> 07:53.100]  you start getting into surface mount devices. It becomes inherently more difficult to use those.
[07:53.180 --> 07:57.820]  They're a little more cumbersome. So, I always recommend actually picking one up that is kind
[07:57.820 --> 08:03.840]  of variable heat. So, you can change the heat on it. And if I don't smash everything in this lab,
[08:03.840 --> 08:11.280]  in the process, this is one you often will see a lot of people have. And I've used this as a HECO.
[08:11.320 --> 08:20.340]  And I've used this one for several years, like two or three years. It's variable heat. It worked
[08:20.340 --> 08:26.960]  for most point. And you can get a lot of tips for it. But as I got more advanced and more
[08:26.960 --> 08:33.360]  into more detailed type work, my biggest problem with this was heat recovery.
[08:33.780 --> 08:40.180]  So, when I went with really fine tips and I was soldering on something that was a ground,
[08:40.180 --> 08:47.100]  the problem I had was this device could not keep the heat level up. And it would make things harder.
[08:47.100 --> 08:52.340]  And so, when you can't keep the heat, the heat recovery is terrible or not really good on a
[08:52.340 --> 08:57.580]  device. It causes you to spend more time on the device, more time on the chip, more time on the
[08:57.580 --> 09:03.020]  leg. And it leads to damage of the components. You can easily end up pulling leads and stuff like
[09:03.020 --> 09:10.680]  that. So, to keep the actual time on device down, I actually cranked the heat of this thing all the
[09:10.680 --> 09:15.400]  way up, high as it would go. And that made it possible for me to work really quick. That kind
[09:15.400 --> 09:20.920]  of worked for me. Other people will do other things when they're dealing with this. But then
[09:20.920 --> 09:27.300]  I finally decided I wanted to move on. And I think these are right around $100. Great product,
[09:27.300 --> 09:32.500]  in my opinion, for entry-level starter. And it works pretty good. Now, there are other vendors
[09:32.500 --> 09:38.780]  that produce soldering equipment. And one of the ones I went with... let's see if I can move some
[09:38.780 --> 09:46.530]  stuff out of the way here... I went with a Weller. So, the Weller unit, hopefully you can see it,
[09:46.530 --> 09:55.970]  I think this is a WX01 or WX02. It actually has two soldering irons on it. When I purchased it,
[09:55.970 --> 10:04.110]  it came with a single soldering iron. This does, I think, want to say 65, 75 watts,
[10:04.110 --> 10:09.830]  somewhere around there. It's pretty good. Works great. This thing's capable of pushing out 150
[10:09.830 --> 10:16.530]  watts of power. So, you can run two irons. I turned around and actually purchased a micro iron.
[10:16.530 --> 10:21.230]  So, you can see this tip is really fine on the... probably can't even see it on the tip of my
[10:21.230 --> 10:27.970]  finger. It's pretty small. This is actually brilliant. Works really good. The difference
[10:27.970 --> 10:35.010]  is this is a very expensive unit. I think the retail on this was like $1,200. You can get it
[10:35.010 --> 10:40.290]  on sale and shop around. You can probably get it down around $800 or less. So, that's kind of
[10:40.290 --> 10:46.190]  where we want to think about soldering gear. You want to be able to have some good soldering gear
[10:46.770 --> 10:52.970]  that'll actually do what you want to do. You want to be able to deal with surface mount devices,
[10:52.970 --> 10:59.310]  small components, large components, you need good heat recovery. Good starter unit is the HECO.
[11:00.010 --> 11:06.190]  You can also get smaller range Wellers. That'll work pretty good. So, I would shop around
[11:06.970 --> 11:13.190]  and ask other people that have different equipment what they use. You'll find out a lot of people use
[11:13.190 --> 11:19.930]  the HECO, but you'll find a lot of people are fans of Weller or some of the other products.
[11:19.930 --> 11:28.970]  So, I definitely encourage you when you get ready to go out there, if that works for you,
[11:28.970 --> 11:35.230]  I loved it, had no problems other than the heat recovery issue. So, where do we go from there?
[11:35.730 --> 11:41.170]  So, the next area I want to talk about... now, let's go ahead and start off with asking some
[11:41.170 --> 11:52.610]  questions. So, Jonathan, are there any questions out there? Yes. So, looks like right off the bat
[11:52.610 --> 11:59.750]  here, we've been talking a lot about like sharp tools and hot ends on the solder iron,
[11:59.750 --> 12:05.830]  things like that. One question that came up was, what kind of safety equipment do you keep on hand
[12:05.830 --> 12:12.670]  with your lab? And do they include things such as maybe like goggles, first aid kit, fire extinguisher?
[12:12.830 --> 12:18.730]  So, I don't have a first aid kit. Well, I do have a first aid kit. It's my wife. She knows how to use
[12:18.730 --> 12:24.210]  911. Hopefully, she won't have to do that. But for safety equipment, there's some other things to
[12:24.210 --> 12:30.410]  think about. Obviously, when you're soldering, you don't want to have breathe all of the
[12:30.410 --> 12:37.570]  nasty smoke. That's a health and safety issue. So, I would recommend a fan. So, here's actually a fan
[12:37.570 --> 12:43.530]  that you can purchase that happens to be on a articulated arm. So, this works pretty good.
[12:43.530 --> 12:49.050]  The other thing I have in my actual lab, it's not within the picture range,
[12:49.050 --> 12:55.450]  but let me see if I can pull it off here, is a good old-fashioned fire extinguisher.
[12:55.850 --> 13:03.990]  And I also have safety goggles and safety gear associated with that. So, I would definitely
[13:03.990 --> 13:09.990]  recommend that if you set up a lab where you're going to be using hot equipment and sharp equipment
[13:09.990 --> 13:15.590]  or whatever the case may be, you want to be able to put out any fires that may actually show up.
[13:15.590 --> 13:24.990]  Luckily, I've never had to actually use this fire extinguisher. And speaking on that same thing,
[13:24.990 --> 13:30.830]  it becomes in handy when you start thinking about soldering your gear. This particular
[13:30.830 --> 13:34.470]  soldering gear here, if you go away from it after a period of time, it shuts off,
[13:34.470 --> 13:41.630]  which is nice. The Hakko does not. So, are there any other questions or you want to move on from here?
[13:43.430 --> 13:48.170]  Let me see here, taking a look at the list. I think we're okay to move on.
[13:48.370 --> 13:54.610]  Okay, good. So, let's go ahead and jump into the next thing, and that is kind of magnification.
[13:54.830 --> 14:00.930]  So, what kind of gear is available for actually magnifying or looking at things? I have a number
[14:00.930 --> 14:08.030]  of things that I use. One of them happens to be these goggles. So, they have adjustable
[14:08.490 --> 14:13.470]  eyepieces on them. You can turn a light on. This is good for close-up looking. So, you have to hold
[14:13.470 --> 14:19.510]  the item up close. So, you can't really do any soldering with that, but that comes in handy
[14:20.010 --> 14:25.930]  for quick examination of devices. One of the other things I have in here, I haven't used it in a while,
[14:25.930 --> 14:32.310]  but I used to use it quite a bit, and that is a pin camera. This is a USB pin camera that I can
[14:32.310 --> 14:40.950]  shine into things. It goes into smaller places, works pretty good. I also have a, actually, a
[14:40.950 --> 14:46.410]  borescope, an endoscope that can actually be put through small holes, and you can actually see
[14:46.410 --> 14:51.490]  stuff. That one's kind of packed away right now. The other equipment that I have is, and you may
[14:51.490 --> 14:57.830]  have seen this if you've been to the IoT Village where Rapid7 is working. This is a device that
[14:57.830 --> 15:07.910]  comes in pretty handy. Small bench camera with a screen. You can actually magnify it. It has
[15:07.910 --> 15:14.390]  variable settings on it. You can focus it. You can also hook a USB up to it and feed it into a TV.
[15:15.050 --> 15:19.710]  In this particular case, I went ahead and actually covered this with rubber.
[15:20.350 --> 15:25.150]  The purpose of the rubber in this case is to protect it, so I could actually put energized
[15:25.150 --> 15:36.660]  equipment on here and look at it also. So, some of the other equipment I have is, this is another
[15:37.420 --> 15:43.320]  USB microscope, and there's so many on the market. You know, which one's better than another one?
[15:43.320 --> 15:48.800]  Gosh, you know, that one's kind of a hard one. You can spend anywhere from 20 or 30 bucks up to
[15:48.800 --> 15:58.580]  $300 or $400 for one of these. I've seen these that would go clear to 5,000x, which was absolutely
[15:58.580 --> 16:05.290]  amazing. You could actually see the runs on a silicon chip with it, so it was kind of amazing.
[16:05.840 --> 16:11.100]  But that's, again, a very high end. So, but when we get into something bigger,
[16:11.100 --> 16:17.360]  something you want to solder under, this is the more expensive solution right here,
[16:17.360 --> 16:26.520]  which is a microscope. This is a great microscope that I have. This one does everything from 3x,
[16:26.520 --> 16:33.100]  I believe, all the way up to 90x. Has ability to mount a camera on it. It's variable focal length,
[16:33.760 --> 16:40.060]  and you can actually slide it in and out, which makes it really handy for this type of work,
[16:40.060 --> 16:45.940]  for magnification. And I do a lot of surface mount device work underneath this. I've used
[16:45.940 --> 16:51.980]  this for reball and BGAs and stuff like that. But this is an expensive unit, and they vary in
[16:51.980 --> 16:58.740]  price based on whether you go up to the higher caliber. This, like I said, this is 90x. It's
[16:58.740 --> 17:06.260]  about a $600 unit. But if we kind of move away from that and go, what can somebody who's entry
[17:06.260 --> 17:12.520]  level or right above entry level, looking for a good scope, here's one I used for a number of years,
[17:12.520 --> 17:21.260]  and I loved it. So, this here is also an Ampscope. This one will do 10 to 20x power.
[17:21.260 --> 17:28.480]  It is a fixed focal length. This device costs about $185. It is a brilliant piece of equipment.
[17:28.500 --> 17:34.720]  I have several of these that I use in various training that I've done in the past. And I would
[17:34.720 --> 17:39.280]  recommend, if you're looking for a scope and you don't have the big money, look at something like
[17:39.280 --> 17:46.000]  that. Look at Ampscopes and look at what they have to offer from a price point. And I think this
[17:46.000 --> 17:51.940]  model here was $185, and it worked like a champ. Again, I used it for a number of years,
[17:52.460 --> 17:56.720]  but then I kind of got greedy and wanted something that's like super-ass cool. So,
[17:56.720 --> 18:04.800]  I went ahead and bought this for work in my lab. So, what else can we dig into here? I think some
[18:04.800 --> 18:11.820]  of the most important thing we want to talk about in the area of soldering is to look at some of
[18:11.820 --> 18:18.660]  the other components that you may need for actual soldering. And when you get into soldering, it's
[18:18.660 --> 18:26.160]  kind of critical. You want to be able to... you want to have typical solder. So, let's go ahead
[18:26.160 --> 18:30.080]  and switch out the screen so we can actually dig into some of this stuff a little closer. Then
[18:30.080 --> 18:36.440]  we'll pop back to the other screen because we can actually show this stuff a little better here.
[18:42.170 --> 18:46.950]  So, here from the solder standpoint, there's a number of different brands out there. This
[18:46.950 --> 18:53.190]  particular brand is... sticks one after another. But I would get the small stuff. This one here
[18:53.190 --> 19:00.330]  happens to be the 0.3 millimeters. I use lead solder. I hate lead-free solder. Some people
[19:00.330 --> 19:07.130]  may like it. I think it's horrible to work with. So, I think this works much better in every case
[19:07.130 --> 19:13.410]  that I've ever worked with. And you also want to get solder wick. Solder wick comes in really handy
[19:13.410 --> 19:21.330]  for removing and cleaning solder off the board. But when you're thinking about actually removing
[19:21.330 --> 19:24.490]  solder and you want to
[19:26.570 --> 19:33.490]  dig in and remove surface mount devices, the ultimate solution for removing surface mount
[19:33.490 --> 19:40.670]  devices, in my opinion, easily is this product right here. If you have not used this ChipQuik
[19:41.250 --> 19:47.890]  surface mount device removal kit, you're missing out. This will make life much easier.
[19:47.890 --> 19:54.110]  It comes with a flux. So, you put the flux on it and then it comes... this looks like solder.
[19:54.110 --> 19:59.370]  This is not solder. It's way more brittle. It's a low-temperature metal. And what it'll do
[19:59.870 --> 20:05.150]  is it'll absorb the solder and it'll keep the temperature down low. So, let's say you're
[20:05.150 --> 20:14.870]  actually trying to move a TESOP 48, which is a 48-pin typical memory chip that is soldered down
[20:14.870 --> 20:22.510]  with 48 pins. It's kind of hard to keep 48 pins melted. But with this stuff, once you put it on
[20:22.510 --> 20:28.210]  there, you can easily spread it across each one of the leads. Gump it on there pretty good and
[20:28.210 --> 20:33.190]  it'll stay melted and you can lift the chip completely off the device. It's a true lifesaver.
[20:35.330 --> 20:42.470]  So, let's kind of move on. Are there any questions? Do we have any questions from the audience?
[20:51.940 --> 20:54.080]  Jonathan, any questions from the audience?
[20:54.220 --> 20:58.200]  Looks like the question list is empty here. One quick thing that did come up.
[20:58.200 --> 21:02.260]  You mentioned earlier you're going to provide a parts list, but one high-level question.
[21:02.260 --> 21:08.380]  Most of the parts that you've just mentioned now, such as like the chip quick and solder,
[21:08.380 --> 21:12.540]  do you generally purchase that going through maybe like SparkFun or maybe through Amazon?
[21:12.540 --> 21:16.260]  Again, knowing that you're going to provide the parts list, just a high-level question.
[21:16.260 --> 21:23.280]  Yeah, typically when I buy this stuff, I'll be honest with you, everyone. I'm kind of lazy.
[21:23.280 --> 21:28.700]  I'm an Amazon kind of guy. I can usually turn stuff around and a lot of times Amazon has stuff
[21:28.700 --> 21:36.040]  available quicker. So, if Amazon has it available within 24 hours, 48 hours, I'm going to pay that
[21:36.040 --> 21:42.820]  little extra and have that sent to me quickly. But yet, you can go off and buy this stuff from
[21:43.060 --> 21:51.180]  a number of vendors, a number of organizations that sell these types of products,
[21:52.020 --> 21:57.980]  hacker groups, hacker organizations, technology organizations, AliExpress.
[21:58.160 --> 22:02.560]  For a lot of the stuff you're going to see today, you can easily just order it and have it straight
[22:02.560 --> 22:09.280]  shipped from China. But again, I have a tendency to be a little lazy and when I want it, I like
[22:09.280 --> 22:15.440]  want it now. I don't want to wait a week for it because if I think I need it, I need it now. And
[22:16.040 --> 22:21.940]  that's usually how I go with Amazon. So, you'll see a lot of the links on here going off to
[22:21.940 --> 22:28.880]  Amazon or Weller or some of the other places for equipment manufacturers and buying it that way.
[22:30.660 --> 22:38.160]  Okay, so let's kind of move on here. So, the next area we want to look at is monitoring equipment.
[22:39.040 --> 22:44.960]  So, we start thinking about monitoring equipment, you know, how do we gain access to circuit boards
[22:44.960 --> 22:50.300]  and how do we start looking at data? One of the first things is kind of that USB to serial
[22:50.920 --> 22:55.840]  component. And I think a lot of people online are probably familiar with these.
[22:55.840 --> 23:01.840]  These are reasonably inexpensive. It's a bus pirate. And this will give you that level of
[23:01.840 --> 23:07.320]  access to be able to look at start looking at devices. One of the other things, I'm not a big
[23:07.320 --> 23:15.240]  fan of this. I have a tendency to like using this in a different way. There's other software
[23:15.240 --> 23:23.380]  you can actually install on these and actually turn these into debuggers for Atmel chips. So,
[23:23.380 --> 23:29.720]  if you need to debug or read data off an Atmel chip, you can easily take these and put I think
[23:29.720 --> 23:38.420]  it's SDK 500 V2 software on it. I think we demoed this last year at the IoT village was hands-on
[23:38.420 --> 23:44.920]  exercises that actually did that. We're using reprogrammed bus pirates. So, that's pretty good.
[23:45.020 --> 23:51.740]  The other thing, and I'm a fan of this, I have a whole box of these sitting around here. And it's
[23:51.740 --> 23:57.560]  the Shikra. The Shikra has a lot of capabilities. And here's kind of a little data sheet that comes
[23:57.560 --> 24:04.560]  with it. So, we have the UART. We have JTAG. And you can use OpenOCD that. And you can use SPI
[24:05.160 --> 24:13.100]  for actually reading memory off chips. And this device comes in really handy. I typically use
[24:13.100 --> 24:21.820]  this for UART. And like I said, I actually love this device quite a bit. And then there's other
[24:22.390 --> 24:28.360]  things you can do. There's other FTDI devices that can be used. Here's just a couple I have
[24:28.360 --> 24:36.320]  in my lab that I purchased for other purposes and reasons. And then there's another one I have.
[24:37.320 --> 24:42.480]  This one I bought not too long ago. I guess it's probably about three or four months ago.
[24:42.480 --> 24:50.040]  And this one actually has four UARTs built into it. So, it is a USB. It has four UARTs,
[24:50.040 --> 24:54.780]  and you can switch them between three volts and five volts. So, you can either hook them up here
[24:54.780 --> 25:01.140]  or hook them up into the actual plug jacks. This is nice. You plug it in and four UART functions
[25:01.140 --> 25:07.260]  show up. This makes it much more easier for hooking into multiple connection points on an
[25:07.260 --> 25:14.780]  actual device for doing UART testing or analysis. People have seen the work that I did on the
[25:14.780 --> 25:19.740]  interchip communication. I like to use one of these. It works out pretty good for capturing
[25:19.740 --> 25:29.560]  multiple UARTs for analysis as data as it flows through a system. And also, let's go ahead and
[25:29.560 --> 25:35.180]  move on to logic analyzers. So, I want to point out that Jonathan is actually going to be speaking
[25:35.180 --> 25:41.340]  tomorrow evening. Is it tomorrow evening or tomorrow morning, Jonathan? Yep, tomorrow evening.
[25:42.300 --> 25:52.180]  And he's going to do a talk on using logic analyzers. So, there's a lot of different
[25:52.180 --> 25:57.340]  logic analyzers you can buy. I think Jonathan has one of these he's actually going to show. He has
[25:57.340 --> 26:05.280]  another one. These are cheap. This is like 12 bucks. It does like 24, 24, 25 megahertz. Another
[26:05.280 --> 26:15.160]  one that I have. This one is a Saleh. This is their 4-channel one. It's no longer being
[26:15.160 --> 26:20.580]  manufactured, but Saleh had a whole stinking warehouse full of them. And they're selling
[26:20.580 --> 26:26.400]  these. These are more pricey. They're 100 bucks, but it's a Saleh. This is a high quality. Now,
[26:26.400 --> 26:34.380]  what I use is I do have a Saleh. I have the 8-channel. The 8-channel, I think this is like
[26:34.380 --> 26:42.780]  $600. This is the, I think it's 100 megahertz, 8-channel. This one's the actual pro.
[26:43.900 --> 26:47.720]  Works great for everything I'm doing in the lab. And if you're not doing it for
[26:50.300 --> 26:56.480]  a job, and you're just a hacker or whatever, and you're education and you're learning,
[26:56.480 --> 27:01.220]  you can actually get an EDU kind of version of this, which will save you a significant
[27:01.680 --> 27:05.380]  amount of money when it comes to logic analyzers.
[27:07.900 --> 27:14.260]  So, also, some of the things you may want to consider earlier, you may have seen the
[27:14.260 --> 27:19.760]  oScope, and that was in the back of my room. I have an oScope. I use it sometimes for basically
[27:20.760 --> 27:28.200]  signal chasing. But other than that, I don't use it that much for most of the tech that I have.
[27:28.200 --> 27:34.040]  But when you want one, it's nice to have one, and they come into a number of price ranges.
[27:34.260 --> 27:40.960]  Anything from, you know, typical ones you can run off your desktop or laptop with a small
[27:40.960 --> 27:47.820]  plug-in board, all the way to high-end digital built-in logic analysis type of stuff in the
[27:47.820 --> 27:53.740]  thousands of dollars. The one I have was the Textronics. I'm a big fan of Textronics since
[27:53.740 --> 27:59.180]  I came from the military, and I think mine was like $500 or $600, and I believe it was a 50
[27:59.180 --> 28:06.740]  megahertz box, and it works pretty good. So, moving from there, another area as a hacker
[28:06.740 --> 28:14.280]  that you want to get into is often the RF stuff. You want to start digging into RF. So, one of the
[28:14.280 --> 28:24.280]  big RF areas is often Bluetooth Low Energy. So, these are the go-to Bluetooth dongles. These are
[28:25.560 --> 28:32.080]  CSR8510s. These are the ones that'll work with pretty much any of the Bluetooth-developed
[28:32.080 --> 28:37.080]  software out there. They have the right chipsets in them. But these will only go up to, I believe,
[28:37.080 --> 28:43.580]  4.2 version. I don't think they'll support 5. I don't think I have anything here,
[28:43.580 --> 28:48.880]  actually, that supports 5 right now. It's something I need to add to my lab myself.
[28:49.100 --> 28:55.620]  So, that's one of them. Another thing is the Nordic. The Nordic makes a dongle that you can use with
[28:55.620 --> 29:02.940]  nRF Connect, their desktop product, and this happens to be it. I think I paid $25 or $35
[29:03.980 --> 29:10.020]  for this. So, I would recommend having one of these for Bluetooth. This has a lot of cool
[29:10.020 --> 29:17.120]  capabilities. And there's a number of development boards and testing boards that are available out
[29:17.120 --> 29:21.880]  there that give you the ability to take what you're doing with Bluetooth to almost any level
[29:21.880 --> 29:27.960]  you want. Another device I have that I actually like, it's pretty good. This is a Hulong.
[29:27.960 --> 29:37.420]  This is about $100, I think it was. This device, I've had it for a couple years,
[29:37.420 --> 29:43.160]  so hopefully they'll come out with a newer version at Sports 5. But this gives you the ability to,
[29:43.160 --> 29:48.920]  and it has to be run on a Windows box, gives you the ability to capture Bluetooth. So, it'll
[29:48.920 --> 29:55.960]  actually see the announcements coming out on Bluetooth, and it'll actually let you pick one
[29:55.960 --> 30:01.500]  of the devices out of the list of Bluetooth low-energy devices. And as soon as it, once you
[30:01.500 --> 30:09.000]  pick it out, it'll start to output all that stuff to Wireshark directly. And then once, it'll
[30:09.000 --> 30:16.300]  actually capture the pairing process and the entire authenticated process. Basically, I don't
[30:16.300 --> 30:21.520]  want to say man-in-the-middle, but capturing all of the data and outputting it correctly to
[30:21.520 --> 30:28.620]  Wireshark for analysis. So, it's probably one of the best ones out there. NRF, there used to be
[30:28.620 --> 30:35.120]  NRF Sniffer. I think it was Sniffer that was available that would run on a desktop. This
[30:35.120 --> 30:42.420]  thing's like way better. This actually has all three BLE channels, so it picks up all the data.
[30:42.420 --> 30:48.560]  It doesn't miss that much data, so it makes it a lot much better. So, I would recommend that. And
[30:48.560 --> 30:57.700]  of course, if you get into some other stuff, having the Ubertooth One is probably good. I
[30:57.700 --> 31:03.040]  heard people complaining that it really updates on the software or follow-up work on the software
[31:03.040 --> 31:09.060]  arena hasn't been done, which is kind of sad because I think it was a very brilliant capable
[31:09.060 --> 31:13.640]  tool. But hopefully, they'll continue supporting that, and we'll see some new capabilities come
[31:13.640 --> 31:20.080]  out in reference to that. Moving from that, typically, I don't have a ton of things.
[31:20.080 --> 31:26.040]  I think here we have a yardstick, which is under the gigahertz range
[31:26.820 --> 31:32.520]  capturing. And then, of course, and I know I have laying around here somewhere,
[31:32.520 --> 31:37.060]  which I have no idea where it's laying at. I'm like terrible in my lab.
[31:38.120 --> 31:41.520]  But I have a... Oh, there it is. I have a Hacker RF
[31:43.920 --> 31:51.260]  that may come in handy for some people that really want to do the work dealing with RF
[31:51.260 --> 31:58.580]  communication. So, I'd recommend buying what you can afford. You know, find an area that fascinates
[31:58.580 --> 32:05.460]  you on the hardware hacking area, and spend as much in that area that you can afford for the
[32:05.460 --> 32:11.500]  best tools. I would recommend shopping around. Some of these tools here may have newer versions
[32:12.120 --> 32:17.400]  there may be better release products out there. This is constantly a changing field.
[32:17.400 --> 32:23.940]  What I bought a few years ago doesn't necessarily meet the needs now in a lot of cases. So, I often
[32:23.940 --> 32:31.140]  find myself as I'm doing new projects and new testing that I have to go out and actually buy
[32:31.140 --> 32:37.160]  new equipment and new hardware. It seems to be an unending process. It's kind of like being married
[32:37.160 --> 32:43.040]  and a homeowner. You're always looking for an excuse to buy new tools for around the house.
[32:43.260 --> 32:48.120]  It's the same way as a hardware hacker. You're never going to be content until you have all the
[32:48.640 --> 32:53.540]  tools ever made on the face of the earth. But shop wisely, and I think you could do
[32:53.540 --> 32:58.620]  pretty good gathering up the needed stuff, being able to do the work.
[32:59.780 --> 33:04.280]  So, there's one other area before we take a quick break and actually look at...
[33:05.640 --> 33:12.800]  or has some questions. Another tool, let's not forget critical tools, a multimeter.
[33:13.460 --> 33:19.340]  Literally, I don't think there's ever on any engagement or any testing or any device I've
[33:19.340 --> 33:24.220]  tore apart where I was hacking on where I didn't use a multimeter. These are cheap. You don't need
[33:24.220 --> 33:30.160]  an expensive one. Mostly, I use this on the continuity field for actually tracing out runs
[33:30.160 --> 33:35.300]  on boards and stuff like that. It comes in very handy. I also use it for checking voltages prior
[33:35.300 --> 33:39.560]  to hooking stuff up to make sure that I'm matching the voltages correctly, because
[33:40.040 --> 33:43.260]  that can really screw things up if you get it wrong.
[33:44.000 --> 33:52.360]  Also, moving from there, let's go ahead and quickly cover the area dealing with debuggers.
[33:53.820 --> 33:59.420]  Matter of fact, let's kind of stop right there. And before we get into chip readers and debuggers
[33:59.420 --> 34:07.700]  and see if there are any questions. Open. Oh, good. Yeah, it looks like a couple popped up here.
[34:08.720 --> 34:17.620]  So yeah, I guess the first question we have here is, this is with regards to the physical non-RF
[34:17.620 --> 34:23.880]  signal quality that we're speaking of earlier. So you had mentioned the oscilloscope. And also,
[34:23.880 --> 34:28.840]  I know that you've mentioned that you aren't really going too in-depth with it these days
[34:28.840 --> 34:35.780]  because you don't really need it. So I'm curious, or excuse me, the question is asking, I am curious,
[34:35.780 --> 34:40.660]  would your answer to that be the SELE does okay for that sort of thing? And would you recommend
[34:40.660 --> 34:48.920]  the SELE over an oscilloscope? The answer to that is yes. I think my go-to is with the SELE logic
[34:48.920 --> 34:54.660]  analyzer 100% now for almost everything I'm doing. Almost everything I'm looking at is digital.
[34:54.660 --> 35:00.120]  SELE has come out with the... oh, gosh, what was the name of it? I'm losing my mind here.
[35:00.120 --> 35:05.380]  Just a second. Oh, yeah. Their logic tool, which is what interacts with the SELE.
[35:05.380 --> 35:15.200]  They came out with Logic 2. And the cool thing with Logic 2, it basically gives so much more
[35:15.200 --> 35:20.340]  features to the actual product. And one of the features is kind of continued streaming. Instead of
[35:20.340 --> 35:28.160]  capturing, just capturing data, like you often will do, this will actually let you loop that
[35:28.160 --> 35:35.080]  capture so it continues to run. So I find myself taking a logic analyzer and using it like a probe
[35:35.080 --> 35:42.680]  looking for ongoing signals, timing signals and stuff like that, clock signals that are ongoing,
[35:42.680 --> 35:47.880]  burst traffic, because I can easily stop on something and as this thing continues to run,
[35:47.880 --> 35:54.080]  I see burst traffic. So literally, it gives me a way to do some digital signal tracing. Maybe it's
[35:54.080 --> 35:59.840]  not the most effective way, but I think it's the most cost effective way. So definitely would
[35:59.840 --> 36:06.300]  recommend if you're going to spend the money, buy yourself a good logic analyzer. That besides the
[36:06.300 --> 36:14.820]  multimeter is the item that I inevitably use on every engagement and every testing that I do.
[36:18.170 --> 36:21.210]  Any other questions or is that it? That's it.
[36:21.270 --> 36:31.110]  All right, so let's go ahead and let's jump into chip readers. So hey, you happen to have a device
[36:31.670 --> 36:36.990]  and it has a flash memory chip and you want to be able to get the data off that flash memory chip.
[36:36.990 --> 36:44.870]  What are you going to do it with? So there's a lot of inexpensive solutions out there. This one here
[36:44.870 --> 36:57.550]  is an actual TL866 plus. This comes with a slew of sockets that go in for it. This is like a TSOP
[36:57.550 --> 37:06.470]  socket and they get 8 pin or 16 pin sockets and then 8 pin sockets. List goes on and on. There's
[37:06.470 --> 37:17.290]  30, 20 or 30 sockets you actually get with the socket that I purchased. That is actually a,
[37:17.290 --> 37:26.410]  oh gosh, here we go. It's a WSAN 8 socket. So you drop it in. These are a little more pricey.
[37:26.410 --> 37:36.410]  But the TL866 is not that expensive. I think I paid 130 bucks for the one that I have
[37:36.470 --> 37:46.670]  here. Although when you buy this and it comes with this particular socket, this TSOP48 socket,
[37:46.670 --> 37:52.530]  this will not work for all TSOP48 which is typically NAND flash chips. So you need to
[37:52.530 --> 37:58.930]  go out and buy this one to go with it. And you can get these off AliExpress or maybe some other
[37:58.930 --> 38:09.410]  sources. And this is the, get it right there, NAND08 socket. And typically this is the socket
[38:09.410 --> 38:15.210]  that's used on the chips that have literally a larger memory. You start getting in at,
[38:15.210 --> 38:25.450]  you know, 128 meg, 256 meg chips and higher, you're actually going to go over to this socket here.
[38:25.450 --> 38:31.750]  That seems to be the case. So that's one of them that I have. Like I said, I have
[38:32.710 --> 38:38.410]  several chip readers. I can't remember the number this covers. I think it's like 7 or 8,000
[38:38.410 --> 38:43.310]  different chips that are actually supported by this. So does it cover every chip that I encounter?
[38:43.310 --> 38:49.090]  The answer to that is no. Does it cover a large number of them? Yes, it does. I mean, it probably
[38:49.090 --> 38:57.270]  covers two-thirds of them that I come across. One of the other chip readers I have is this
[38:58.570 --> 39:06.060]  RT809H. So the RT809H, here it is here. Similar, a little bigger physical construction.
[39:06.550 --> 39:12.750]  This one comes in handy. You cannot use, you can use these sockets. So all of the inline
[39:12.750 --> 39:19.010]  sockets that came out of the TL866 that are straight pin-to-pin wiring and don't contain
[39:19.010 --> 39:26.150]  any kind of circuitry, you can use them on this. But if it happens to be the TSOP48s,
[39:26.150 --> 39:30.870]  those actually had circuitry built into them. So you have to buy a socket that will actually
[39:30.870 --> 39:40.490]  work on it. And this is a straight pin-for-pin one. So I use this one typically as a backup.
[39:40.490 --> 39:47.190]  There's times that the TL866 doesn't work or doesn't have what I'm looking for,
[39:47.190 --> 39:52.630]  so I jump over to this one. It works pretty darn good. Also, this one you can get various
[39:52.630 --> 40:00.850]  sockets for. Here happens to be a socket for it. This was like a $40 socket. This is a BGA. This
[40:00.850 --> 40:11.890]  is a 63-ball BGA NAND flash memory socket. I think I played 45 and had that shipped over from
[40:11.890 --> 40:17.810]  AliExpress from China. The crazy thing is I ordered it right when this whole COVID thing
[40:18.720 --> 40:27.570]  hit this fan. So it took like two months to get to me versus the typical 30 days that I often have
[40:27.570 --> 40:31.270]  wait or shorter time period. So that's one of the readers.
[40:31.270 --> 40:38.670]  So some of the other readers I have in my arsenal here is dealing with
[40:40.090 --> 40:53.450]  embedded multi-chip packages and embedded multimedia controllers. So these you actually
[40:53.450 --> 41:00.610]  find a lot when you're dealing with embedded systems and especially some consumer-grade IoT.
[41:01.690 --> 41:13.930]  These are actually for reading BGAs. This is an embedded multimedia chip for 153-ball BGA.
[41:13.930 --> 41:22.270]  So you open it up. You drop the chip in there. Plug it in. It's USB 3. Plug it into your computer.
[41:22.270 --> 41:27.370]  Hit this button here. And that chip will mount up just like a file system. It'll mount up just
[41:27.370 --> 41:33.930]  like an SD card will mount up. And it'll actually mount the entire file systems on the device most
[41:33.930 --> 41:39.910]  of the time. And from there, you can quickly recover the data. Sometimes you can alter the data.
[41:40.630 --> 41:47.330]  One of the exercises I did, I actually used that to pull the data and then use one of these in
[41:47.330 --> 41:54.110]  all data and then DD it back to the actual chip and then reball the BGA, put it back on the device
[41:54.110 --> 41:59.750]  to gain root level access. So these are great and they come in a number of different sizes.
[41:59.910 --> 42:06.690]  So that's known as an embedded multi-chip package type thing. Again, you'll find these in a lot of
[42:06.690 --> 42:14.790]  devices. That means it contains both RAM and flash memory in the actual chip. But these ones are kind
[42:14.790 --> 42:21.190]  of pricey, like $135. There is a cheaper version. This is pretty much the same thing, but it's done
[42:21.190 --> 42:28.590]  up just like an SD card. So, and then you just plug it in like an SD card into your computer and
[42:28.590 --> 42:36.170]  it'll mount the chip up just like a file system. Now, these ones are a little cheaper. I think
[42:36.170 --> 42:42.890]  they're well under $100, like $90 or something like that. Also, if you need to deal with embedded
[42:42.890 --> 42:52.230]  multi-chip package or embedded multimedia chips, I would recommend doing a little Googling on that
[42:52.230 --> 42:59.850]  because this example here, people have actually built these. So there's ways to build these.
[42:59.850 --> 43:03.730]  Of course, you may have to dead bug the chip, which means you're going to need a good
[43:05.010 --> 43:09.350]  microscope because you'll end up soldering to the pads of the chip on the underside.
[43:09.350 --> 43:13.690]  But there's only like five connections or four connections that have to be made on the chip.
[43:13.690 --> 43:18.370]  And you can literally actually read it. So there's a lot of documentation out there. So you can take
[43:18.370 --> 43:24.110]  the hacker mode and save yourself a lot of money. But again, it'll take a lot more time.
[43:28.050 --> 43:36.010]  So any questions there on chip readers? And again, most of these chip readers were $120 to $140
[43:36.850 --> 43:45.190]  right around there. One question that came up with regard to the chip readers here that I'm seeing
[43:47.670 --> 43:52.610]  is... and this is a little bit of a backfill, I do apologize. One question that came up earlier is,
[43:52.610 --> 43:56.750]  is it actually worth picking up an old benchtop logic analyzer off eBay
[43:57.210 --> 44:03.270]  or going with some of the newer USB tools? Cost is a limiting factor for this individual.
[44:04.350 --> 44:11.010]  Ah, you know, I don't know enough about any of the benchtop logic analyzer tech that you're
[44:11.010 --> 44:16.450]  talking about. I haven't worked with any of those. Typically, most of the stuff I've done with is the
[44:16.450 --> 44:21.050]  USB stuff. I mean, if you're looking for a logic analyzer, just to give it a try,
[44:21.050 --> 44:25.170]  I'll be honest with you, a lot of these, when you start getting into these smaller ones,
[44:25.170 --> 44:31.550]  24 megahertz, I have not used this. So obviously, it's $12 from a logic analyzer standpoint.
[44:31.550 --> 44:37.650]  This gives you an entry point, just to get familiar. And I think the logic programs put
[44:37.650 --> 44:42.330]  out by Sele will actually work on these. And there's a couple other ones. And Jonathan's
[44:42.330 --> 44:47.250]  going to talk about this in more detail tomorrow. So I definitely swing by his presentation.
[44:47.250 --> 44:51.010]  I would start off, if money's limited, I mean, can you come up with 12 bucks,
[44:51.010 --> 44:57.410]  give one of these things a try. I bet you nine times out of 10 on most standard consumer grade
[44:57.410 --> 45:03.230]  IoT, this is going to be fine. I've only run into issues when I'm dealing with commercial level
[45:03.230 --> 45:11.050]  devices, where a megahertz rating like this would not have worked. So just an example.
[45:11.830 --> 45:16.410]  That makes sense. And another backfill question here. Asher says,
[45:16.410 --> 45:22.450]  such a great lab, Daryl. One question, what do you use for on-chip debugging other than the Shikra?
[45:25.370 --> 45:32.490]  Oh, on-chip debugging? Yeah, we're actually get into that next. If you want to do on-chip debugging
[45:33.590 --> 45:37.530]  or pulling firmware out of the chips and all that type of stuff. That's the next section
[45:37.530 --> 45:43.230]  that we're going to dive into. Okay, perfect. And I think we'll put a pin on that question
[45:43.230 --> 45:47.190]  because it sounds like it'll be answered. Next question here reads, what are these
[45:47.190 --> 45:52.410]  readers used for? What are you reading off these chips? Sorry, noob. Thank you.
[45:52.410 --> 45:56.190]  There's nothing wrong with that, man. I mean, we were all learning at one time.
[45:56.310 --> 46:03.590]  Five years ago, I couldn't have told you any of this stuff at all. So what we're doing is
[46:04.210 --> 46:10.770]  these chips I'm talking about are flash memory chips. This is where the embedded device holds
[46:10.770 --> 46:17.790]  its operating system. It's also where it holds configuration settings and data associated with
[46:17.790 --> 46:22.990]  the functionality of that device. So if you want to be able to pull off the firmware for some kind
[46:22.990 --> 46:30.610]  of offline analysis, you want to do some offline debugging with IDA Pro or something like that,
[46:30.610 --> 46:35.030]  then you need to be able to extract the firmware. So to be able to extract the firmware,
[46:35.030 --> 46:41.190]  you need to gain some level of access. Chip readers come in handy for doing what I consider
[46:42.090 --> 46:48.550]  off-board reading. So you desolder the chip, remove it from the board, drop it into the reader,
[46:48.550 --> 46:52.930]  dump all of the memory out of that chip, and then you solder the chip back on the board.
[46:52.930 --> 47:00.350]  I have a tendency, since I'm fairly good at soldering and desoldering and stuff like that,
[47:00.350 --> 47:05.610]  that I will often do that. I will literally just pull the chip versus trying to do it in circuit
[47:06.250 --> 47:13.350]  because I found it's sometimes much easier. In some cases, not always, but in a number of cases,
[47:13.350 --> 47:17.710]  the only time it's more difficult is when you're dealing with like a ball grooter rated chip,
[47:17.790 --> 47:23.070]  a PGA chip, where the pins are underneath. So when you remove it, the complexity of putting it back
[47:23.070 --> 47:28.670]  on is fairly complex. So hopefully that answers that question.
[47:30.150 --> 47:38.170]  Makes sense. And one final question here. It's asking about the Flipper Zero. Individuals asking,
[47:38.170 --> 47:42.870]  what are your thoughts on the upcoming Flipper Zero? Is it a great asset or a gimmick?
[47:42.870 --> 47:48.270]  Kickstarter problems apply. Flipper Zero. I don't think I've seen that. Have you seen that?
[47:48.270 --> 47:53.170]  Have you looked at it? Yeah, it looks super interesting, actually. I'm additionally not
[47:53.170 --> 47:57.590]  familiar with it. Looks super slick. Looks like you can do a lot of hardware analysis with it.
[47:58.150 --> 48:01.810]  I think it looks kind of cool. It's very powerful for sub one gigahertz.
[48:01.850 --> 48:06.190]  From what I'm seeing there, it looks somewhat similar to the Yardstick with maybe a few
[48:06.190 --> 48:13.710]  additional features. But it looks pretty slick, in my opinion. Yeah, like I mentioned, there is
[48:13.710 --> 48:20.390]  always new tech being developed. So often I don't dig into those unless it happens to be on my table
[48:20.390 --> 48:25.350]  or something I need to work on. And then I go out looking and I try to look for the right tool,
[48:25.350 --> 48:30.250]  the right solution, the one that's going to help me do the job the easiest and the quickest.
[48:30.970 --> 48:35.790]  So, hey, great. Thanks for bringing that up. I'll have to look at that once we get offline here.
[48:37.250 --> 48:44.670]  Yeah, and Daryl, we actually had the inventor of the Flipper Zero present at our event back in May.
[48:44.670 --> 48:49.630]  So anyone who's listening, you can always check that video out as he goes through all the features
[48:49.630 --> 48:54.670]  and so the story of why he built it. Outstanding, Sam. Thank you very much.
[48:54.670 --> 49:03.470]  We'll check that out. So kind of moving on from there, I just wanted to get into some debugging.
[49:04.790 --> 49:10.130]  There was some area I did miss earlier, and we may jump on it at the end if we have time,
[49:10.130 --> 49:17.410]  but we'll start with debuggers. The first thing I want to look at is not necessarily a debugger,
[49:17.410 --> 49:26.730]  but pretty darn close to it. This is fairly pricey, about $150 to $170. It's a JTAGulator.
[49:26.870 --> 49:35.970]  I have not used this in a while. Don't ask me why. I guess I need to figure out where the JTAG
[49:35.970 --> 49:42.090]  connections are in a while. But if you're in a bind and you need to figure out if there's any
[49:42.090 --> 49:49.330]  exposed JTAG connectors on a chip that you can't identify, this is the tool for doing it.
[49:49.330 --> 49:55.410]  You just plug all these in here. You hit reset, go. You have some software you can run on this
[49:55.410 --> 50:05.550]  thing, and it gives you the ability to go through all of the testing sequences for all the different
[50:05.550 --> 50:11.450]  wiring combinations that you could possibly generate by plugging this thing in and checks for
[50:11.450 --> 50:18.290]  various JTAG connections. It can also be used for UART. I don't use it for UART. Typically,
[50:18.290 --> 50:26.930]  that's easy enough to spot with a logic analyzer fairly quickly. But yet a good tool to have in
[50:26.930 --> 50:35.410]  your arsenal, especially if you're doing a lot of debugging devices where you can't identify
[50:35.410 --> 50:42.130]  whether a JTAG is available. They also added some features to this that will actually go through
[50:42.130 --> 50:52.070]  and do I-O testing. So, it'll do a series of tests, information, feed, and capture based on
[50:52.070 --> 51:00.570]  identifying the various I-Os on a processor. So, that's also a great feature. So, when it gets
[51:00.570 --> 51:08.110]  into logic or not logic analyzer, but debuggers, how can I interact with a chip? How can I
[51:08.110 --> 51:15.450]  interact with the processor? And some of them may be, hey, how can I pull firmware out of a
[51:15.450 --> 51:21.350]  processor that actually has flash in the processor, which seems to be the thing I often do.
[51:21.350 --> 51:27.570]  I have a whole slew of debuggers. I got dozens and probably a dozen of them laying around here
[51:27.570 --> 51:33.310]  somewhere for various things. But there's one that I have that's like a go-to, at least mainly
[51:33.310 --> 51:41.090]  for ARM processors, and that's a JLINK Seeger. JLINK is a great product. This is a commercial
[51:41.090 --> 51:47.790]  version. These are kind of pricey based on the speed and the capabilities of the hardware,
[51:47.790 --> 51:55.010]  the price goes up and up. I think this one was like $600, can easily go upwards of a thousand
[51:55.010 --> 52:03.470]  or more for the solution. But there is hope. If you're interested in the Seeger JLINK and you are
[52:03.470 --> 52:09.350]  basically a student or somebody learning, you can buy the EDU version. When I first started learning
[52:09.770 --> 52:15.770]  and wasn't using it for commercial use, I purchased that. It was like $70, has all the
[52:15.770 --> 52:22.030]  similar capabilities. Its speed of data reads probably not as fast, but it's pretty good.
[52:22.030 --> 52:30.590]  Another thing I do is a habit of mine is I always tape the pin out for all of the pins on some of
[52:30.590 --> 52:36.670]  these devices, because I rarely throw a 20-pin plug in there and use it. I often use single plugs
[52:37.230 --> 52:45.230]  because often we use this for not only for standard JTAG, but I use it for serial wire debug
[52:46.730 --> 52:53.590]  or CJTAG. This will do CJ offset also, which is a subset of JTAG that is also
[52:54.190 --> 53:01.430]  like serial wire debug. So if you're like me and you can't memorize all these pins on everything,
[53:01.430 --> 53:06.250]  actually doing a printout and sticking them in the back is a nice little feature that I use
[53:06.790 --> 53:14.230]  to help speed me along. But again, it's a great product. And for mainly ARM processors,
[53:14.230 --> 53:19.850]  I go to on this, but then also I will use various debuggers for different process.
[53:20.070 --> 53:26.970]  So if you TI, TI chips, the CC debugger, I can't remember what this was, $20, $30. It wasn't that
[53:26.970 --> 53:33.070]  much. And it happened to be a case where I was dealing with some TI chips and I'm like,
[53:33.070 --> 53:38.690]  just buy the thing, put it in my lab, I have it. Another one, which we demoed last year,
[53:38.690 --> 53:47.130]  and that was dealing with the XDS 110, which is another TI debugger. I really didn't want,
[53:47.130 --> 53:52.290]  and I wanted to expose people to the XDS 110 from a debugging standpoint, but I didn't want to buy
[53:52.290 --> 53:58.910]  the full blown one because it's like $110, $120. But it turns out that they made this small
[53:58.910 --> 54:04.970]  development kit type thing for a sensor tag. And the one you buy for that is basically a stripped
[54:04.970 --> 54:11.090]  down model. There's no case, there's some features turned off, but it works the same way.
[54:11.090 --> 54:18.590]  And this was like $15 versus 100 and some dollars. And it worked pretty good. And I kind of got this
[54:18.590 --> 54:27.870]  idea because I bought, I was doing some research on a TI chipset and I, for a vendor. And so I
[54:27.870 --> 54:33.590]  bought the development kit and development kit had an XDS built into the chip on the development kit,
[54:33.590 --> 54:39.150]  which got me interested in doing this. And that's why I kind of shared that stuff last year and let
[54:39.150 --> 54:45.070]  people do the hands-on. Now, I have a number of debuggers around here, but, you know, a debugger
[54:45.070 --> 54:51.810]  is what it is. It's a debugger. Typically what I do is when I encounter a chipset, the first thing
[54:51.810 --> 54:58.990]  I do is I go out and go, okay, if I was a developer on this product line for this chipset, how would I
[54:58.990 --> 55:05.810]  do it? What product would I use? What does the vendor recommend for interacting with their
[55:05.810 --> 55:12.790]  hardware, their chips? And then I go out and check it out. Do they have guidelines for using a JLink?
[55:12.790 --> 55:19.190]  Then I use a JLink. Do they have a specialized debugger like PIC processors do, which is
[55:19.190 --> 55:26.990]  basically encircled serial programming? That's basically SPI. If that's the case, then get those.
[55:26.990 --> 55:34.310]  I have several of those laying around here. The PIC kits is what they're called.
[55:34.930 --> 55:39.130]  So, I try to find out what the developer community uses for a particular product,
[55:39.130 --> 55:45.950]  and if I can afford it and it's inexpensive, I buy that, or I buy the next level alternate
[55:45.950 --> 55:51.850]  to actually use. And that's typically the approach that I use. I found out if I'm
[55:51.850 --> 55:58.710]  trying to deal with a chipset and I'm using somebody else's debugger, it has a tendency to
[55:58.710 --> 56:04.770]  not always do what I expected to do. It doesn't always give me the information that I get from
[56:04.770 --> 56:09.930]  the development community on the product or from the vendor on the product, and it adds a level
[56:09.930 --> 56:16.510]  of complication. And I'm able to find way more resources if I use what the development community
[56:16.510 --> 56:23.730]  uses on that product. But the reality, that's not always feasible. There's been a number of times
[56:23.730 --> 56:28.590]  where I've gone, hey, here's a chip. You go out and you try to find out what the development
[56:28.590 --> 56:34.370]  community is using for and find out it costs $10,000 and you can only buy it from the vendor.
[56:34.370 --> 56:40.270]  In cases like that, then, hey, if it's an ARM, use ARM. If it's something else,
[56:40.270 --> 56:46.250]  go all the way down and use one of these and then use OpenOCD if you have to,
[56:46.250 --> 56:54.770]  whatever it takes. But I tend to have to dive into what the actual person producing uses.
[56:56.050 --> 57:00.810]  I want to move on real quick because we're running a little behind and I want to get this
[57:00.810 --> 57:06.370]  next phase because I know the... well, matter of fact, never mind, we can do that. Got any questions?
[57:07.350 --> 57:13.710]  Yep. Looks like one question cropped up here. Josh asks, do you happen to have any books,
[57:13.710 --> 57:18.590]  videos, or any learning material that you recommend to start learning IoT hacking?
[57:19.210 --> 57:29.250]  Oh, gosh. That's kind of a hard one. I'm not a big book person, to be honest.
[57:29.510 --> 57:34.590]  What I typically do is I'm definitely a Google and YouTube kind of guy.
[57:35.650 --> 57:43.750]  Everything that I've wanted to learn, an example, I wanted to learn how to re-solder a TSOP48 pin
[57:43.750 --> 57:49.350]  chip back onto a circuit board. I'm like, damn, this is going to be hard. I can't go solder each
[57:49.350 --> 57:55.410]  pin. So I went on YouTube and looked it up and go, how do I do this? And there's like three or
[57:55.410 --> 58:00.930]  four videos out there. And then I watched those videos and it's the same way. If I want to learn
[58:00.930 --> 58:08.650]  how to use UART, I go check out some of the videos on finding UART and looking for UART,
[58:08.650 --> 58:13.470]  same way with logic analyzers. And it's typically the approach that I do. And I still do that to
[58:13.470 --> 58:20.930]  this day. Anytime I'm working in engagement or testing a product and I go, how do I interact
[58:20.930 --> 58:25.410]  with this? I haven't done this before because even though I've been in this in four years,
[58:25.410 --> 58:31.150]  I constantly encounter things that I haven't encountered before. I first, I go out and find
[58:31.150 --> 58:37.550]  out who else has done this. Has it been done before? Has anything similar to it been done
[58:37.550 --> 58:42.530]  before? And that's kind of my approach. If you're trying to, and I know there's a lot of learning
[58:42.530 --> 58:50.630]  kits out there, but I'd also recommend, oh gosh, where is that? Hold on. I would recommend looking
[58:50.630 --> 58:55.670]  at some inexpensive products just to play around with. And I'm going to throw some pictures up
[58:55.670 --> 59:05.330]  here. And like these, these right here, Vixme 300 millimeter router type things. Let's pop
[59:05.330 --> 59:11.410]  one of these things out here. Oh, that's one thing about my lab. It's like a ton of gear.
[59:11.410 --> 59:17.830]  So this one actually uses, it's a little router device. So we have these chips on here.
[59:19.570 --> 59:27.670]  So it has a lot of things you can interact with. There's Ethernet. There's USB. It actually has
[59:27.670 --> 59:34.130]  UART. So UART is actually marked on here. If you look, there's, it says TX and RX,
[59:34.130 --> 59:42.890]  and then I found the ground. This runs OpenWRT. It actually has a flash memory chip right here.
[59:42.890 --> 59:47.030]  So here's a chance to figure out how to get the memory out of the device.
[59:47.030 --> 59:54.230]  Here's a chance to play with this. In this case here, root doesn't have a password on it. So in that case there,
[59:54.230 --> 59:58.850]  you really, as soon as you get the console, it's going to be root level access. But you can change
[59:58.850 --> 01:00:05.470]  that and then try to get around it. This device is like 20 bucks. And I would recommend getting
[01:00:05.470 --> 01:00:13.350]  something like this and starting out by just going, hey, this is a Meditech chip. What does that mean?
[01:00:13.350 --> 01:00:21.690]  Data sheets. This here is a RAM chip. Find the data sheets. This is a flash memory chip. Find
[01:00:21.690 --> 01:00:28.290]  the data sheets. Read those data sheets and kind of learn and play around and experiment. And if
[01:00:28.290 --> 01:00:39.260]  you screw it up, throw it in the trash can and go spend another 20 bucks. Hopefully that answered
[01:00:39.260 --> 01:00:43.380]  the question. Okay, here's another one, but I don't think the GL Mango is even available anymore,
[01:00:43.380 --> 01:00:46.320]  but it's the same product, just relabeled different.
[01:00:48.620 --> 01:00:53.020]  Another question cropped up here was, I think it's kind of an extension of that question.
[01:00:53.020 --> 01:00:57.280]  Do you have any go-to YouTube channels? Do you follow anyone on social media?
[01:00:58.960 --> 01:01:06.860]  Oh, gosh. Yeah, from social media, I'm a Twitter guy. So you can find me on Twitter. My handle's
[01:01:07.680 --> 01:01:17.760]  percent, P-E-R-C-E-N-T underscore X. Yeah, please follow me. If you're one that tweets a lot of
[01:01:17.760 --> 01:01:22.420]  political stuff, there's nothing wrong with that. I'm just not a big fan of that, just to be aware
[01:01:22.420 --> 01:01:28.480]  of it. I want to see mostly technical stuff. So if you're doing technical stuff out there,
[01:01:29.420 --> 01:01:35.140]  that's kind of cool. I'll probably follow you back. But yeah, that's one thing I do. I do not
[01:01:35.140 --> 01:01:41.240]  follow any YouTube channels. I'm usually all over the map, whatever I'm working on at that time.
[01:01:41.820 --> 01:01:47.260]  And I need to learn something specific, then I go out and search. And I never look at one single
[01:01:47.260 --> 01:01:51.980]  example. If there's a dozen examples out there, I'll usually look at three or four of them and
[01:01:51.980 --> 01:01:56.580]  get three or four different viewpoints on how to approach something or how somebody's done that.
[01:01:56.680 --> 01:02:01.240]  And then experiment with my own ways and own methods and try to build from that.
[01:02:01.240 --> 01:02:09.360]  We've also, at Rapid7, I put out a number of blogs. So if you use my name, Daryl Hyland,
[01:02:09.360 --> 01:02:15.300]  and search for Rapid7 blogs. I think we put out a whole series last year, actually pulling
[01:02:15.300 --> 01:02:21.820]  firmware from microcontrollers, like four of them, covering four different type of microcontrollers,
[01:02:21.820 --> 01:02:28.160]  four different software packages, four different debug type devices. So every once in a while,
[01:02:28.160 --> 01:02:38.920]  I'll do that type of stuff too. Okay, so I want to move on to odds and ends. This is kind of a
[01:02:38.920 --> 01:02:48.400]  big one. So when you're doing work on devices, it comes down to often needing a lot of strange
[01:02:48.400 --> 01:02:54.200]  stuff. Now the first one is wire. I don't know how good the video is out there, but this is
[01:02:54.200 --> 01:03:03.600]  40 gauge wire. And to be absolutely correct about this, I hate this shit. But this stuff comes in
[01:03:03.600 --> 01:03:12.980]  handy for soldering into microscopic small circuits for tapping into them. So currently,
[01:03:12.980 --> 01:03:21.140]  I'm working on a project right now where I have to tap into an Intel i3 processor. I'm trying to.
[01:03:21.860 --> 01:03:29.360]  And the only way to do it is the pads are like 0.3 millimeters. So I am actually using this under a
[01:03:29.360 --> 01:03:34.100]  microscope and soldering it up. And at the end of this thing here, I'll show you what I attach it to
[01:03:34.100 --> 01:03:39.160]  when I'm done, which will be a lifesaver. So that comes in handy. If I'm doing something else that's
[01:03:39.160 --> 01:03:46.260]  bigger from a wire standpoint, I use this. This is wire wrap wire. I don't even know, VT Corporation.
[01:03:46.260 --> 01:03:51.360]  And I found this. It comes in all of these different strands. This is covered with a really
[01:03:51.360 --> 01:03:59.140]  fine plastic coating. That 40 gauge wire earlier was covered with lacquer, real thin coat of lacquer.
[01:03:59.140 --> 01:04:03.960]  Keep it from shorting out. This stuff will melt that's on the outside of this. But when you're
[01:04:03.960 --> 01:04:10.020]  looking for like 30 gauge wire, you need to find wire wrap. If you buy standard 30 gauge wire,
[01:04:10.020 --> 01:04:16.120]  the actual insulation going around the wire will be thicker than the wire itself and will get in
[01:04:16.120 --> 01:04:24.660]  the way when trying to solder two small circuit pads to tap into it. The other thing is, you know,
[01:04:24.660 --> 01:04:29.720]  when you open up a device and you start thinking about headers, you need to attach headers. And
[01:04:29.720 --> 01:04:34.440]  this become a nightmare over the years, or at least early on when I first started, because I
[01:04:34.440 --> 01:04:41.900]  was seeing all kinds of stuff. So I went out and tried to get samples of both 2.54 millimeter
[01:04:41.900 --> 01:04:46.480]  headers. So this can be plugged into the board and soldered in and then you just plug into it
[01:04:46.480 --> 01:04:52.600]  for the places there are headers. What if there happens to be dual header? So then I bought some
[01:04:52.600 --> 01:04:58.960]  dual headers to have those. I have boxes of these things laying around. So on top of that, what
[01:04:58.960 --> 01:05:05.600]  happens if it's a surface mount header for 2.5 more millimeter? So if you look at this, it actually
[01:05:07.740 --> 01:05:14.440]  has... see how the bottom is sticking out there? It's actually gall winged. So there you go. And
[01:05:14.440 --> 01:05:24.080]  then we do the same thing for 1.27 millimeters, single row, double row. And these are the most
[01:05:24.080 --> 01:05:29.540]  common. And trust me, there's people that produce other headers that you want to kill them when you
[01:05:29.540 --> 01:05:34.700]  get them because these things won't fit in a gall wing one. So yeah, I went out and kind of purchased
[01:05:34.700 --> 01:05:40.320]  all of this stuff. Over time, I didn't do it in one day. It's like, hey, I need headers that are
[01:05:40.320 --> 01:05:46.760]  1.27. I need gall wing headers and then went out and bought them. The other thing that is a
[01:05:47.340 --> 01:05:54.520]  lifesaver and that is glue. Glue comes in really handy because when you're attaching small wires
[01:05:54.520 --> 01:05:59.760]  to a board and you snag the wire, you pull the wire, you could easily rip the pad clear off the
[01:05:59.760 --> 01:06:04.980]  board, which will happen to you anyways, but this will help prevent it. This glue here
[01:06:04.980 --> 01:06:12.780]  works like a champ. So here is some 30 gauge wire that I've attached to this device here.
[01:06:12.860 --> 01:06:13.920]  And you can see...
[01:06:25.450 --> 01:06:32.410]  So right here, you can see this is glue. So I put a dab of glue in there and it holds the wires
[01:06:32.410 --> 01:06:40.150]  and it prevents me from tearing the pads out from this circuitry. It works like a champ.
[01:06:40.150 --> 01:06:44.890]  If you need to remove the glue, it peels right off. It takes a little force, but it'll peel off
[01:06:44.890 --> 01:06:51.850]  clean off the circuit board. And it's actually brilliant for what you need to do. Some of the
[01:06:51.850 --> 01:06:57.130]  other things that we're going to need, you're going to need a wire. So these are jumper wires.
[01:06:57.130 --> 01:07:02.670]  You can get these male-to-male, female-to-female, and they just peel off. So I have bundles of
[01:07:02.670 --> 01:07:07.830]  these. And when I'm done using one, I throw it away. Because if you keep plugging it in,
[01:07:07.830 --> 01:07:12.810]  plugging it in, plugging it in, by the end of the day, it'll start weakening to the point where
[01:07:12.810 --> 01:07:16.750]  it will give you problems if you keep trying to use it. And there's nothing worse than losing
[01:07:16.750 --> 01:07:20.870]  three or four hours trying to figure out why something isn't working and find out your plug
[01:07:20.870 --> 01:07:26.790]  is just wore out. So I usually get bundles of these. And then you'll find them scattered all
[01:07:26.790 --> 01:07:32.970]  over the floor because I just throw them on the floor when I'm done. I'd also recommend
[01:07:32.970 --> 01:07:39.110]  breakout boards. Quick breakout boards are for quick for doing various projects and stuff like
[01:07:39.110 --> 01:07:49.250]  that. And that's kind of sweet. And then let me see. Oh gosh, here's some stuff I bought on a
[01:07:49.430 --> 01:07:55.870]  project a while back. I ran into a project where I need USBs. So I literally went out and bought
[01:07:55.870 --> 01:08:02.330]  USB breakouts. So you can buy these little kits for like five, six bucks. Okay. And it gives you
[01:08:02.330 --> 01:08:08.150]  the ability to do USB breakouts so that you can solder up connections on these things and be able
[01:08:08.150 --> 01:08:15.150]  to tap into various USBs. Kind of the reason why I needed that. It turned out that the device that
[01:08:15.150 --> 01:08:22.330]  I pulled apart was an industrial device and it had a solid state drive in it. The solid state drive
[01:08:22.330 --> 01:08:31.110]  was an ATA. It was basically USB. And it was kind of a weird wire out structure. So from here,
[01:08:31.110 --> 01:08:38.850]  I was able to jump it out the way I wanted it to, to fit the USB properly and was able to use that
[01:08:38.850 --> 01:08:45.510]  to tap into the actual device and effectively be able to read the data off of it pretty effectively.
[01:08:45.510 --> 01:08:51.710]  So that worked pretty good. Here's some... these are a little expensive, but they've come in handy
[01:08:51.850 --> 01:08:58.530]  a few times. These are micro grabbers and they go... I can use them on a logic analyzer or some other
[01:08:58.530 --> 01:09:03.910]  kind of testing equipment. I have a set of these that I've put together. I think these were like
[01:09:03.910 --> 01:09:10.930]  20 bucks a piece, but they have a 0.5 millimeter pitch. Comes in handy for small stuff. And then
[01:09:10.930 --> 01:09:20.690]  the big item. I think this is really critical. This is a test board. I built these. And I would
[01:09:20.690 --> 01:09:26.770]  recommend building test boards to meet your particular needs in the projects you're working
[01:09:26.770 --> 01:09:32.790]  on. It'll come in... it'll be very vital to actually be able to do it. So if we look at this
[01:09:33.370 --> 01:09:38.170]  from this test board, we have two sides of this. So we can take the wire and we could hook into
[01:09:38.170 --> 01:09:43.070]  here. These are screw terminals. So you can screw the wire in here and instantly you have two headers
[01:09:43.070 --> 01:09:50.330]  to put test equipment on. This one over here is similar. This one has jumpers in the middle.
[01:09:50.330 --> 01:09:55.790]  This one's isolated with a switch. These are isolated with jumpers. So once you attach the
[01:09:55.790 --> 01:10:02.010]  jumpers or throw the switch, you get connections all the way across. So if it's turned on, then I
[01:10:02.010 --> 01:10:07.490]  basically get four headers I can tap into. This also makes it possible, and where I've done
[01:10:07.490 --> 01:10:13.710]  interchip communication testing, where I actually come off the circuit board here, route through
[01:10:13.710 --> 01:10:18.550]  here, and then I go back to the circuit board, and then I cut the runs on the circuit board,
[01:10:19.210 --> 01:10:24.550]  making all the traffic flow through this. And it gives me the ability to turn on and off the flow
[01:10:24.550 --> 01:10:29.510]  on a circuit board for analysis and ability to hook multiple pieces of test equipment up
[01:10:29.510 --> 01:10:36.370]  for analysis. And again, I built these, get these boards. You can see where they're broke right here
[01:10:36.370 --> 01:10:42.490]  so that they require a switch or a jumper to do them. And these come in extremely handy. I've
[01:10:42.490 --> 01:10:48.950]  built four or five different ones, but having these screw terminals are a lifesaver for connecting
[01:10:48.950 --> 01:10:58.930]  up things. So I'd recommend building some of your own jigs and test equipment. Any questions?
[01:11:00.690 --> 01:11:05.810]  It looks like a high-level question kind of cropped up here. This was with regard earlier
[01:11:05.810 --> 01:11:13.010]  to when you're speaking towards like the FTDI devices. The question is, what software do you
[01:11:13.010 --> 01:11:17.730]  use in order to start talking to these devices? And again, this is with regard when you're talking
[01:11:17.730 --> 01:11:24.110]  about the Shikra, those types of hardware devices. So if you're using the Shikra,
[01:11:24.110 --> 01:11:27.690]  if you're using JTAG, then you're obviously going to use like OpenOCD
[01:11:30.550 --> 01:11:38.550]  is probably one of the best ones that you're actually going to use is OpenOCD for it.
[01:11:38.550 --> 01:11:46.110]  When it comes to UART, there is so many console programs out there. It's literally kind of hard to
[01:11:46.710 --> 01:11:58.010]  say which one is the best one. I have a tendency to use, gosh, cool term, and I use it on my Mac.
[01:11:58.010 --> 01:12:08.510]  If you're on a Linux system, I would just use screen for interacting with a USB UART connector.
[01:12:08.550 --> 01:12:15.790]  As an example, for the logic analyzers, the manufacturers produce software called Logic,
[01:12:15.790 --> 01:12:20.830]  Salay does. There's the older version, and there's Logic 2, which is pretty good.
[01:12:21.110 --> 01:12:27.870]  So for standard UARTs, again, there's tons of programs out there. Find the one that works best for you.
[01:12:29.250 --> 01:12:35.010]  And or if you're on a Linux box, just use screen. Screen has the ability to interact with
[01:12:36.090 --> 01:12:42.370]  TTY USB 0, TTY USB 2, 1, ever how many UARTs you have connected up,
[01:12:42.370 --> 01:12:50.610]  and also set the associated bauld rate right within screen. When you get into logic analyzers,
[01:12:50.610 --> 01:12:56.410]  you know, like Jlink. Jlink produces its own... not logic analyzer, I'm sorry,
[01:12:56.410 --> 01:13:03.310]  debuggers. Jlink produces its own software, same way with ccdebug. Also, individual manufacturers
[01:13:03.310 --> 01:13:11.150]  of certain chips will produce their own software to interact with their chips over Jlink. Nordic
[01:13:11.150 --> 01:13:19.450]  is one of them. Nordic produces software to connect to their NRF5152 series chips.
[01:13:19.450 --> 01:13:28.110]  They can get it as a command line, or you can get it as with a user interface type thing,
[01:13:28.110 --> 01:13:32.610]  and it actually will leverage the Jlink. So a lot of the manufacturers will also produce
[01:13:32.610 --> 01:13:38.530]  custom software to interact with their chip using no standard logic analyzers or
[01:13:39.170 --> 01:13:43.990]  debuggers that are available out there. Any other questions?
[01:13:45.010 --> 01:13:47.590]  That is it. All right.
